File infection is a technology often used by a virus and Trojan and occurred in a long past. This technology involves adding a virus code to a code of a normal program to achieve synchronous running along with the infected program, thereby destroying the infected computer and spreading on its own, and performing vicious behaviors such as theft of user's password or virtual assets and upload the user's sensitive information. For the user's convenience, the infected file generally needs to be repaired.
In the prior art, the repair procedure of the infected file is deletion of the malicious code inserted in the normal file. The procedure is generally as follows: the user terminal scanning files→finding the infected file→locating the malicious code such as the virus or Trojan in the file code→deleting the malicious code portion according to the located malicious code such as the virus or Trojan. However, in practice, since the virus has too many variants after combating against security software, processing the infected file by the current method has the following drawbacks: (1) complete repair is hard to achieve; (2) after being repaired, many files still have residual malicious code; (3) many files cannot be executed normally after being repaired (individual files might cause system failure or failure to normally use the application software); (4) when files cannot be repaired (e.g., over 80% of the file is infected, it is almost impossible to delete the malicious code from the original file code), they have to be isolated (deleted); (5) when crucial files of the system cannot be repaired, the user does not venture to delete them and have to retain them. In one word, the current file repair technology substantially cannot ensure complete deletion of the malicious code from the infected file, nor can ensure the file normal.